AMENDMENTS TO THE CLAIMS

1.-4. (Canceled) 

5. (Previously Presented) An apparatus in a network element, wherein said network 
element is any one of a packet router and a data switch operable to manipulate
packets at any of Open System Interconnection (OSI) Layer 2 and 3 in a network, the 
apparatus comprising: 

a directory enabling element operable under control of an operating system of the 
network element, wherein the directory enabling element is configured to 
query, access, and update directory information that is managed by a directory 
service of the network that includes the network element, wherein the 
directory service is any one of a Lightweight Directory Access Protocol 
(LDAP) directory and an X.500 directory; 

an application programming interface coupled to the directory enabling element and 
configured to receive directory services requests from application programs 
and provide the directory services requests to the directory enabling element, 
wherein the application programs are hosted in the network element; 

a locator service coupled to the directory enabling element and accessible using the 
application programming interface and configured to enable the application 
programs to locate servers that provide the directory services in the network; 
and

a bind service in the directory enabling element and coupled to a security protocol
and configured to bind an external application program to the security
protocol.

6. (Previously Presented) An apparatus as recited in Claim 5, further comprising a
Unicode translation service configured to query, access, and update directory
information that is encoded in a Unicode international character format.

7. (Previously Presented) An apparatus in a network element, wherein said network
element is any one of a packet router and a data switch operable to manipulate
packets at any of Open System Interconnection (OSI) Layer 2 and 3 in a network, the
apparatus comprising:

a directory enabling element operable under control of an operating system of the
network element, wherein the directory enabling element is configured to
query, access, and update directory information that is managed by a directory
service of the network that includes the network element, wherein the
directory service is any one of a Lightweight Directory Access Protocol
(LDAP) directory and an X.500 directory;

an application programming interface coupled to the directory enabling element and
configured to receive directory services requests from application programs
and provide the directory services requests to the directory enabling element,
wherein the application programs are hosted in the network element;

a locator service coupled to the directory enabling element and accessible using the
application programming interface and configured to enable the application
programs to locate servers that provide the directory services in the network;
and

an event service coupled to the directory enabling element and configured to receive
registration of an event and an associated responsive action from an
application program, notify the application program when the event occurs,
and execute the associated responsive action in response thereto.

8. (Canceled)

9. (Previously Amended) An apparatus as recited in Claim 5, further comprising a
group policy interface coupled to the directory enabling element and configured to
receive and update the directory service with one or more definitions of directory
services policies that apply to groups of network devices in the network.

10. (Previously Presented) An apparatus as recited in Claim 5, further comprising
an event service coupled to the directory enabling element and accessible using the
application programming interface and configured to receive registration of an
event and an associated responsive action from an application program, notify
the application program when the event occurs, and execute the associated
responsive action in response thereto.

11. (Canceled)

12. (Previously Presented) An apparatus in a packet router, wherein said packet router is
operable to manipulate packets at any of Open System Interconnection (OSI) Layer 2
and 3 in a packet-switched network, the apparatus comprising:

a directory enabling element operable under control of an operating system of the
packet router, wherein the directory enabling element is configured to query,
access, and update directory information that is managed by a directory
service of the packet-switched network, wherein the directory service is any
one of a Lightweight Directory Access Protocol (LDAP) directory and an
X.500 directory;

a bind service in the directory enabling element and coupled to a security protocol
and configured to bind an application program to the security protocol; and

an event service coupled to the directory enabling element and accessible using the
application programming interface and configured to receive registration of an
event and an associated responsive action from an application program, notify
the application program when the event occurs, and execute the associated
responsive action in response thereto.

13. (Canceled)

14. (Previously Presented) An apparatus in a data switch, wherein said data switch is
operable to manipulate packets at any of Open System Interconnection (OSI) Layer 2
and 3 in a packet-switched network, the apparatus comprising:

a directory enabling element operable under control of an operating system of the
data switch, wherein the directory enabling element is configured to query,
access, and update directory information that is managed by a directory
service of the packet-switched network, wherein the directory service is any
one of a Lightweight Directory Access Protocol (LDAP) directory and an
X.500 directory;

a bind service in the directory enabling element and coupled to a security protocol
and configured to bind an application program to the security protocol; and

an event service coupled to the directory enabling element and accessible using the
application programming interface and configured to receive registration of an
event and an associated responsive action from an application program, notify
the application program when the event occurs, and execute the associated
responsive action in response thereto.

15. (Canceled)

16. (Currently Amended) A computer-readable tangible storage medium carrying storing
one or more sequences of instructions for a network element, wherein said network
element is any one of a packet router and a data switch operable to manipulate
packets at any of Open System Interconnection (OSI) Layer 2 and 3 in a network,
wherein execution of the one or more sequences of instructions by one or more
processors of the network element causes the one or more processors to perform the
steps of:

creating and storing a directory enabling element operable under control of an
operating system of the network element, wherein the directory enabling
element is configured to query, access, and update directory information that
is managed by a directory service of the network that includes the network
element, wherein the directory service is any one of a Lightweight Directory
Access Protocol (LDAP) directory and an X.500 directory;

binding an application program to a security protocol;

creating an event and an associated responsive action that are associated with the
application program; and

in response to occurrence of the event, executing the responsive action, obtaining
policy information from the directory service, and converting the policy
information into one or more commands that are executable by the network
element.

17. (Currently Amended) A computer-readable tangible storage medium as recited in
Claim 16, wherein execution of the one or more sequences of instructions by one or
more processors causes the one or more processors to perform the further steps of:

locating a nearest directory server and binding the application program to the nearest
directory server that is located;

locating a nearest event server and binding the application program to the nearest
event server that is located.

18. (Currently Amended) A computer-readable tangible storage medium as recited in
Claim 16, wherein execution of the one or more sequences of instructions by one or
more processors causes the one or more processors to perform the further steps of:

translating the policy information into one or more values that are ready to apply to a
router, whereby a virtual private network is created between the router and
another network device.

19. (Currently Amended) A computer-readable tangible storage medium as recited in
Claim 16, wherein execution of the one or more sequences of instructions by one or
more processors causes the one or more processors to perform the further steps of:

translating the policy information into one or more values that are ready to apply to a
set of internal data structures of a router, by calling one or more internal NOS
API functions, whereby a dynamic IPSEC configuration is created that
connects the router and at least one other network device.

20. (Currently Amended) A computer-readable tangible storage medium as recited in
Claim 16, wherein execution of the one or more sequences of instructions by one or
more processors causes the one or more processors to perform the further steps of
establishing an application programming interface coupled to the directory enabling
element and configured to receive directory services requests from application
programs and provide the directory services requests to the one or more processors.



21.-22. (Canceled)

23. (Previously Presented) A system comprising a network element enabled to
automatically interface with directory services in a network, wherein the network
element is any one of a packet router and a data packet switch operable to manipulate
packets at any of Open System Interconnection (OSI) Layer 2 and 3 in the network,
wherein the network element comprises:

a directory enabling element operable under control of an operating system of the
network element, wherein the directory enabling element is configured to
query, access, and update directory information that is managed by directory
services of the network that includes the network element, wherein the
directory services include at least one of a Lightweight Directory Access
Protocol (LDAP) directory and an X.500 directory; and

a locator service coupled to the directory enabling element and configured to locate
servers that provide the directory services in the network;

wherein the network element obtains policy information from the directory services
and updates the directory service.

24. (Previously Presented) The system of Claim 23, wherein the network element
includes a protocol agent for interfacing with the directory services.

25.-26. (Canceled)